CVE-2008-0553

Published: Feb 7, 2008Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.

Affected (69)

Products: Tcl Tk: Tcl Tk

Tcl Tk

1 product

Tcl Tk

Configuration A

69 vulnerable

Vulnerable Software	Affected Versions
Tcl Tk Tcl Tk	Up to 8.4.17
Tcl Tk Tcl Tk	Version 2.1
Tcl Tk Tcl Tk	Version 3.3
Tcl Tk Tcl Tk	Version 4.0p1
Tcl Tk Tcl Tk	Version 6.1
Tcl Tk Tcl Tk	Version 6.1p1
Tcl Tk Tcl Tk	Version 6.2
Tcl Tk Tcl Tk	Version 6.4
Tcl Tk Tcl Tk	Version 6.5
Tcl Tk Tcl Tk	Version 6.6
Tcl Tk Tcl Tk	Version 6.7
Tcl Tk Tcl Tk	Version 7.0
Tcl Tk Tcl Tk	Version 7.1
Tcl Tk Tcl Tk	Version 7.3
Tcl Tk Tcl Tk	Version 7.4
Tcl Tk Tcl Tk	Version 7.5
Tcl Tk Tcl Tk	Version 7.5p1
Tcl Tk Tcl Tk	Version 7.6
Tcl Tk Tcl Tk	Version 7.6p2
Tcl Tk Tcl Tk	Version 8.0.3
Tcl Tk Tcl Tk	Version 8.0.4
Tcl Tk Tcl Tk	Version 8.0.5
Tcl Tk Tcl Tk	Version 8.0
Tcl Tk Tcl Tk	Version 8.0p2
Tcl Tk Tcl Tk	Version 8.1.1
Tcl Tk Tcl Tk	Version 8.1
Tcl Tk Tcl Tk	Version 8.2.0
Tcl Tk Tcl Tk	Version 8.2.1
Tcl Tk Tcl Tk	Version 8.2.2
Tcl Tk Tcl Tk	Version 8.2.3
Tcl Tk Tcl Tk	Version 8.3.0
Tcl Tk Tcl Tk	Version 8.3.1
Tcl Tk Tcl Tk	Version 8.3.2
Tcl Tk Tcl Tk	Version 8.3.3
Tcl Tk Tcl Tk	Version 8.3.4
Tcl Tk Tcl Tk	Version 8.3.5
Tcl Tk Tcl Tk	Version 8.4.0
Tcl Tk Tcl Tk	Version 8.4.10
Tcl Tk Tcl Tk	Version 8.4.11
Tcl Tk Tcl Tk	Version 8.4.12
Tcl Tk Tcl Tk	Version 8.4.13
Tcl Tk Tcl Tk	Version 8.4.14
Tcl Tk Tcl Tk	Version 8.4.15
Tcl Tk Tcl Tk	Version 8.4.16
Tcl Tk Tcl Tk	Version 8.4.1
Tcl Tk Tcl Tk	Version 8.4.2
Tcl Tk Tcl Tk	Version 8.4.3
Tcl Tk Tcl Tk	Version 8.4.4
Tcl Tk Tcl Tk	Version 8.4.5
Tcl Tk Tcl Tk	Version 8.4.6
Tcl Tk Tcl Tk	Version 8.4.7
Tcl Tk Tcl Tk	Version 8.4.8
Tcl Tk Tcl Tk	Version 8.4.9
Tcl Tk Tcl Tk	Version 8.4a2
Tcl Tk Tcl Tk	Version 8.4a3
Tcl Tk Tcl Tk	Version 8.4a4
Tcl Tk Tcl Tk	Version 8.4b1
Tcl Tk Tcl Tk	Version 8.4b2
Tcl Tk Tcl Tk	Version 8.5.0
Tcl Tk Tcl Tk	Version 8.5_a3
Tcl Tk Tcl Tk	Version 8.5a1
Tcl Tk Tcl Tk	Version 8.5a2
Tcl Tk Tcl Tk	Version 8.5a3
Tcl Tk Tcl Tk	Version 8.5a4
Tcl Tk Tcl Tk	Version 8.5a5
Tcl Tk Tcl Tk	Version 8.5a6
Tcl Tk Tcl Tk	Version 8.5b1
Tcl Tk Tcl Tk	Version 8.5b2
Tcl Tk Tcl Tk	Version 8.5b3

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (88)

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html

Source: secalert@redhat.com

http://secunia.com/advisories/28784

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/28807

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/28848

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/28857

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/28867

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/28954

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/29069

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/29070

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/29622

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/30129

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/30188

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/30535

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/30717

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/30783

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/32608

Source: secalert@redhat.com

http://securitytracker.com/id?1019309

Source: secalert@redhat.com

http://sourceforge.net/project/shownotes.php?release_id=573933&group_id=10894

Source: secalert@redhat.com

http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1

Source: secalert@redhat.com

http://ubuntu.com/usn/usn-664-1

Source: secalert@redhat.com

http://wiki.rpath.com/Advisories:rPSA-2008-0054

Source: secalert@redhat.com

http://www.debian.org/security/2008/dsa-1490

Source: secalert@redhat.com

http://www.debian.org/security/2008/dsa-1491

Source: secalert@redhat.com

http://www.debian.org/security/2008/dsa-1598

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2008:041

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2008_13_sr.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2008-0134.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2008-0135.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2008-0136.html

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/488069/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/493080/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/27655

Source: secalert@redhat.com

Patch

http://www.vmware.com/security/advisories/VMSA-2008-0009.html

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2008/0430

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1456/references

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1744

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=431518

Source: secalert@redhat.com

https://issues.rpath.com/browse/RPL-2215

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html